Overview

overview

7

Static

static

3

mmc-cracked-win32.zip

windows10-1703-x64

1

UltimMC/Qt5Core.dll

windows10-1703-x64

3

UltimMC/Qt5Gui.dll

windows10-1703-x64

3

UltimMC/Qt...rk.dll

windows10-1703-x64

3

UltimMC/Qt5Svg.dll

windows10-1703-x64

3

UltimMC/Qt...ts.dll

windows10-1703-x64

3

UltimMC/Qt5Xml.dll

windows10-1703-x64

3

UltimMC/UltimMC.exe

windows10-1703-x64

3

UltimMC/ic...on.dll

windows10-1703-x64

3

UltimMC/im...if.dll

windows10-1703-x64

3

UltimMC/im...ns.dll

windows10-1703-x64

3

UltimMC/im...co.dll

windows10-1703-x64

3

UltimMC/im...eg.dll

windows10-1703-x64

3

UltimMC/im...vg.dll

windows10-1703-x64

3

UltimMC/im...mp.dll

windows10-1703-x64

3

UltimMC/ja...ck.jar

windows10-1703-x64

7

UltimMC/ja...ch.jar

windows10-1703-x64

7

UltimMC/li...ix.dll

windows10-1703-x64

3

UltimMC/li...++.dll

windows10-1703-x64

3

UltimMC/li....dll.a

windows10-1703-x64

3

UltimMC/li...ip.dll

windows10-1703-x64

3

UltimMC/li...ow.dll

windows10-1703-x64

3

UltimMC/libeay32.dll

windows10-1703-x64

3

UltimMC/li...-1.dll

windows10-1703-x64

3

UltimMC/libssp-0.dll

windows10-1703-x64

3

UltimMC/li...-6.dll

windows10-1703-x64

3

UltimMC/li...-1.dll

windows10-1703-x64

3

UltimMC/pl...ws.dll

windows10-1703-x64

3

UltimMC/qt.conf

windows10-1703-x64

3

UltimMC/ssleay32.dll

windows10-1703-x64

3

UltimMC/zlib1.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    139s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    25-07-2024 21:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UltimMC/jars/JavaCheck.jar

  • Size

    1KB

  • MD5

    95ca783d78368acca0959ea1c015bef9

  • SHA1

    cde5000afbefb4cfa6bc135c1bbfe6a498759e68

  • SHA256

    b4b90cd7bf0dc9f5aa7e43d5ade152d762952b63078cf62ad2c5701a27a1e6ae

  • SHA512

    cfde22dc77f1fd3db80847f9339c6d5e7d4479f62113c59eb7c850a99e49bf7d65c1d2c31e95b917904e7bd1d3b0a619cb228b6821d503a5dbef7d47edee4fe2

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\UltimMC\jars\JavaCheck.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4180
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4140

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    b94e3a13ee3ddc9ffcca880ff150e40e

    SHA1

    3259badea356762562fbd992cd033c5e3b3f2a24

    SHA256

    a38749f657ce31f5eebeb19cc7fd68e98b08f971de5940a4c5ff0d1a33c4f807

    SHA512

    8802176f86fdd78191a15597b9ce3d3be1aa3170dc02ae11747227a0da171d4db5f118e7c699f7554ae8fcef0c9e809a66999076186db04f57b7edff13b2459f

    Download Submit
  • memory/4180-2-0x000002919C990000-0x000002919CC00000-memory.dmp
    Filesize

    2.4MB

    Download
  • memory/4180-12-0x000002919C970000-0x000002919C971000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4180-13-0x000002919C990000-0x000002919CC00000-memory.dmp
    Filesize

    2.4MB

    Download